Configuration steps to filter IT-related data for IT Compliance Home page

  • Release version: Yokohama
  • Updated January 30, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configuration steps to filter IT-related data for IT Compliance Home page

    This guide outlines the essential steps ServiceNow customers must follow to filter and display IT-related data specifically for the IT Compliance Home page within the Compliance Workspace. The process involves segregating IT-related data, auto-associating related child records, and ensuring the IT compliance manager can easily view this filtered data in the workspace.

    Show full answer Show less

    Data Segregation Using Functional Domain

    • A Functional domain field is added in the Settings tab of all Compliance Workspace related forms to classify data as IT related.
    • The user must set this field to IT risk and compliance to tag data accordingly.
    • This field is available on key GRC forms such as Entity, Control, Policy, Authority document, Issue, Engagement, Audit task, and others.

    Auto-association of IT-related Data

    • When a parent object (e.g., an Entity) is tagged as IT related, all related child objects (e.g., Controls) are automatically associated with the IT risk and compliance domain.
    • This relationship and inheritance are managed via the Functional domain configuration table (sngrcfunctionaldomainconfiguration), which defines parent-child relationships for auto-tagging.
    • System administrators configure these relationships by navigating to GRC Administration > Functional domains > Domain inheritance.
    • Manual user actions to add or remove tags on child records are tracked in the sngrcfunctionaldomainuseraction table and respected during auto-association.
    • A scheduled daily job (GRCObjectsFunctionalDomainChanges) processes these manual changes to update associations accordingly.
    • This setup ensures accurate and dynamic propagation of IT-related tags across related records.

    Displaying IT-related Data in the IT Compliance Home page

    • The IT Compliance Home page filters audit and compliance data to display only IT risk and compliance tagged records.
    • This filtering leverages the Functional domain field across all relevant base forms.
    • The IT compliance manager role grants access to this filtered view in the Compliance Workspace List modules.
    • Note that users with both corporate compliance manager and IT compliance manager roles may see duplicate list modules with the same name.

    Practical Benefits for ServiceNow Customers

    • Enables clear segregation and focused management of IT-specific compliance data within a broader GRC environment.
    • Automates data tagging and inheritance, reducing manual effort and improving data accuracy.
    • Provides IT compliance managers with streamlined access to relevant data for effective oversight and decision-making.
    • Supports scalable and maintainable configurations through functional domain inheritance and scheduled synchronization.

    There are three distinct steps that must be followed to segregate, associate, and display the IT-related data for the IT compliance manager to view in the IT Compliance Home page.

    GRC data segregation

    In all the Compliance Workspace related forms, the Functional domain field is added in the Settings tab to segregate a particular data and classify it as IT related data. The user must add IT risk and compliance as the functional domain.

    Figure 1. Functional domain field
    Functional domain setting.

    The Functional domain field is available in all GRC compliance and audit workspace related forms such as Entity, Control, Control Objective, Policy, Authority document, Citation, Entity type, Entity class, Issue, Indicator, Indicator template, Acknowledgement campaign, Policy exception, Engagement, Test template, Test plan, Issue triage, Observation, Plan, Audit task, Milestone, Evidence request, and Evidence.

    Auto-association of the segregated data

    If an audit or compliance object is identified as IT related, then all the related items associated to this object are also identified as IT related. The Functional domain configuration [sn_grc_functional_domain_configuration] table stores the data registry relationship between the parent object and its related child objects within the IT risk and compliance functional domain.

    For example, if an entity is classified as IT related entity, then all the controls associated to this entity are auto-associated as IT-related controls. The related child object has all the configurations defined such as the parent table, the child table, and the relationship between the two.

    As a system admin, you can define this configuration by navigating to GRC Administration > Functional domains > Domain inheritance. User must manually add the tag, functional domain, in the base forms such as Policy, Authority document, Entity type, Entity class, Entity, Plan, Engagement for auto-tagging the child records. When a parent table is tagged with a particular functional domain, and if the user removes the tag from one of its child records, then the removed tag is not added during auto-association. Similarly, if the user manually adds a tag, then the added tag is not removed during auto-association. The GRC functional domain user action [sn_grc_functional_domain_user_action] table captures and stores all manual actions of the user in the Functional domain field of the record that belong to a particular table in the respective functional domain.

    For more information on setting up auto-tagging, see the IT Compliance Workspace – Setup and Configurations for auto-tagging [KB1124058] article in the Now Support Knowledge Base.

    Figure 2. Functional domain configuration
    Functional domain configuration.

    A scheduled daily job (GRCObjectsFunctionalDomainChanges) runs and gathers the user's manual actions recorded in the table to read these relationships, auto-associate the child object to IT risk and compliance functional domain, and auto-populate the record in the related item of the parent table.

    For more information on the tables used for IT compliance workspace, see Components installed with Policy and Compliance Management.

    Display segregated data to IT compliance manager in IT Compliance Home page

    The IT compliance manager is the user who can access the IT risk and compliance data in the Compliance Workspace. In the List view of the Compliance Workspace, there is a filter that restricts the display of all audit and compliance data but refines to display only the IT risk and compliance data. The filter uses the Functional domain field in the all the audit and compliance related base forms to filter and display the IT related data in the Compliance Workspace List modules.

    Figure 3. IT risk and compliance data filter
    IT risk and compliance data filter.
    Note:
    An admin or any user with both corporate compliance manager and IT compliance manager roles can view two list modules with the same name.